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AMENDMENTS TO THE CLAIMS 

1. (Currently Amended) A method for allocating a plurality of encryption keys 
according to a plurality of access authorization classes, said method comprising the steps of: 

setting an access authorization to at least one access point in advance; 

when a wireless station requests said at least one access point to perform initial 
authentication, differentiating said encryption keys according to a plurality of access 
authorization types; and 

obtaining by at least one wireless station the differentiated encryption keys in advance. 

2. (Original) The method of claim 1, wherein the access authorization types include 
a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

3. (Original) The method of claim 1, further comprising a step of 

a wireless station desiring to communicate with an access point selecting from the 
plurality of encryption keys an encryption key corresponding to the access authorization to the 
access point and communicates data with the access point, wherein the wireless station has a 
plurality of encryption keys corresponding to access authorization types. 
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4. (Currently Amended) A- The method of claim 1, wherein the differentiating 

encryption keys step further comprises: for allocating one or more encryption keys according to a 

plurality of access authorization class e s, compri s ing: 

(a) a -determining access authorization to an access point when the access point is 
requested to perform initial authentication by said w ireless station requesting an access point to 
perform auth e ntication and th e access point, which is r e qu e st e d to p e rform authentication, 
determining acc e ss authorization to th e acc e ss point ; 

(b) obtaining an encryption key and generating a shared key set including the obtained 
encryption keys in accordance with the determination result of step (a); 

(c) determining access authorization to an access point belonging to a LAN by a LAN 
authentication server which is requested to perform initial authentication by the wireless station 
requesting a LAN auth e ntication serv e r to perform authentication , and th e LAN authentication 
s e rver, which is requ es ted to perform authentication , d e t e rmining access authorization to an 
acc e ss point belonging to th e LAN ; 

(d) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (c); 

(e) determining access authorization to an access point belonging to a WAN by a WAN 
authentication server which is requested to perform initial authentication by the wireless station 
requesting a WAN authentication server to perform authentication and the WAN authentication 
s e rver , which is request e d to perform authentication , determining access authorization to an 
acc e ss point belonging to the WAN ; and 

(f) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (e). 

5. (Original) The method of claim 4, wherein step (a) further comprises a step of the 
wireless station requesting an access point to perform authentication, and the access point which 
is requested to perform authentication determining whether or not access authorization to the 
access point corresponds to a class 1, said class 1 indicating access authorization to an access 
point to which the wireless station is assigned. 
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6. (Original) The method of claim 4, wherein step (c) further comprises the steps of: 

(cl) the LAN authentication server determining whether or not the access authorization to 
the access point corresponds to a class 2, said class 2 indicating access authorization to 
predetermined access points included in a LAN to which the wireless station belongs to; 

(c2) if a determination result of step (cl) indicates that the access authorization 
corresponds to said class 2, obtaining an encryption key of class 2, and determining whether or 
not the access authorization corresponds to a class 3, said class3 indicating access authorization 
to all access points included in the LAN to which the wireless station belongs to; and 

(c3) if a determination result of step (c2) indicates that the access authorization 
corresponds to said class 3, obtaining an encryption key of class 3. 

7. (Original) The method of claim 6, wherein step (c2) further comprises the steps of: 
allocating a null encryption key if the determination result of step (cl) indicates that the 

access authorization does not correspond to said class 2; 

determining whether the access authorization corresponds to class 3; and 
allocating a null encryption key if a determination result indicates that the access 

authorization does not correspond to class 3. 

8. (Currently Amended) A roaming method for a wireless station using a plurality of 
encryption keys allocated according to a plurality of access authorization classes, said method 
comprising the steps of: 

(a) setting an access authorization to an access point in advance, when a wireless station 
requests said access point to perform initial authentication differentiating said plurality of 
encryption keys according to a plurality of access authorization types and 

a -said wireless station obtaining in advance an encryption key set including the 
differentiated plurality of encryption keys for respective access points; 

(b) receiving a command to communicate with an access point not available for 
communication using an encryption key currently selected in the encryption key set; 
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(c) determining an access authorization to the access point not available for 

communications; 

(d) selecting an encryption key from the encryption key set obtained in advance 
corresponding to the determined access authorization; and 

(e) using the selected encryption key to encrypt a transmission message and communicate 
with the access point not available for communication. 

9. (Original) The method of claim 8, wherein the access authorization types of the 
encryption key set include 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide , 
area network (WAN). 

10. (Original) A computer readable medium having embodied thereon a program of 
instructions executable by a computer for performing the method of claim 4. 

11. (Original) A computer readable medium having embodied thereon a program of 
instructions executable by a computer for the method of claim 8. 

12. (Original) An apparatus for allocating a plurality of encryption keys according to a 
plurality of access authorization classes, comprising: 

an access authorization determining unit for determining an access authorization class for 
communication between a wireless station from a plurality of wireless stations and an access 
point from a plurality of access points; 
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an encryption key storing unit which stores said plurality of encryption keys according to 

said access authorization classes; and 

an encryption key allocation unit which reads an encryption key from the encryption key 

storing unit corresponding to a determination result of the access authorization determining unit 

and transfers a value of said encryption key to the wireless station. 

13. (Original) The apparatus of claim 12, wherein the access authorization classes include 
a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned* 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

14. (Previously Presented) A computer readable medium storing instructions which, 
when executed causes execution of a program implementing a structure of a wireless data packet 
used for allocating encryption keys according to access authorization classes in a wireless 
network that comprises a wireless station and an access point, the structure comprising: 

a header of said data packet transmitted through the wireless network; 
an access authorization information storing field, which indicates access authorization for 
communication between the wireless station and the access point; 

an encrypted data field in which data contents to be transmitted are encrypted and stored; 

and 

an error correction field, which is used to correct data error. 
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15. (Original) The computer readable medium of claim 14, wherein the access 

authorization information storing field comprises two bits and through possible combinations of 

the two bits, stores 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 
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